Re: CVE Request: PHP openssl_encrypt memory disclosure

[Kurt Seifried <kseifried () redhat com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 01/18/2013 08:59 AM, Marc Deslauriers wrote:
> Hello,
>
> PHP 5.3.9 to 5.3.13 disclose arbitrary memory when an empty $data
> string is passed to openssl_encrypt.
>
> It was introduced with the following commit: 
> http://git.php.net/?p=php-src.git;a=commitdiff;h=095cbc48a8f0090f3b0abc6155f2b61943c9eafb
>
>  and was fixed in 5.3.14 with the following: 
> http://git.php.net/?p=php-src.git;a=commitdiff;h=270a406ac94b5fc5cc9ef59fc61e3b4b95648a3e
>
>  Bugs:
>
> https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1099793 
> https://bugs.php.net/bug.php?id=61413
>
> Could a CVE please be assigned to this issue?
>
> Thanks,
>
> Marc.

Please use CVE-2012-6113 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJQ+apUAAoJEBYNRVNeJnmTNT0P/iUJSudEE5cbicav6oL75pJE
pGbL0naByi6OmtbtczJ23TJqXkfLoAtvXEvUP0jxRJPAyyx9nOzFSKAWL9ET8FVP
7TOESNW78DqXga4rlkFcpZgJgFS718gWl/wRfs5ssmnxb5Sl8fk7RhJh00ApzX6z
WDx8db1r32WI+q25W1ATCzrII9pxhxO0sUjJOmFYcsxaU5lgKh5zsZp0CROACKLI
O0n47CDvlBazAKCmlvgnvEvVpYvZV1R+HmKy9dRV9PgOIcyDVAENifwBYo3fBYg1
YuBg9Wd+jpiuarkcNvGLHf5hpHBX9wvc3D+vV3K2BdmfoLujUuAxGeOTpQGVMpg0
AAgZmOHKI7Cfr/u9FngccN3ktByCqnsPf/+gpk1mlw0PJguQEyj4CrOFX6aklFMg
OYs7sgaVXwYsyH82a2OCbFEf4vQoMJd6Zbn+YfJJD59B3ZiniK0GbmbJgMdI1zxD
PY2eGuokDB2Aj9ECiSPNTHl92EtUg8u5FQjX0ZC6AnFUwZ4FatkNsmiYmNNjnIKn
xxC7kHjhTaZ9T4rr5PGj3MHrOwY4Dispfe/Kxo9XphGsLBKq0qJjF3GpYz4aYtVn
6xizt1n8YEeYAp2RxQsyyvPMs6eGjrqozi05ZELpNDe2sFke5PeTlZUAxPGmqhRJ
VydAk2tlSUTXgUJkzItG
=a2aY
-----END PGP SIGNATURE-----